The New Cyber Threat Intelligence Integration Center
According to the Washington Post, the Obama administration is establishing a new agency to fuse intelligence from around the government when a cyber crisis occurs.
Published by The Lawfare Institute
in Cooperation With
According to the Washington Post, the Obama administration is establishing a new agency to fuse intelligence from around the government when a cyber crisis occurs. Lisa Monaco, assistant to the president for homeland security and counterterrorism, is quoted as saying that “policymakers and operators will benefit from having a rapid source of intelligence [about incoming cyberattacks],” and that policymakers will have an “integrated, all-tools approach to the cyberthreat.”
She's obviously right, and having an all-source intelligence fusion center that provides one-stop shopping for policy makers trying to react to a cyber crisis is clearly a good thing. But as someone who has followed the evolution of government processes to manage cyber threats, my first reaction is “Really? No one was doing this previously?” We’ve known for many years that a comprehensive attack assessment is a central element of an effective threat response—why is a unit with this function being stood up only now?
The Post story offers a clue regarding the answer when it quotes Melissa Hathaway—“We need to be forcing the existing organizations to become more effective — hold them accountable.” So a cynic might be tempted to conclude that the establishment of this unit is a bureaucratic workaround for a process that has been unable to deliver to policy makers all of the information available in a useful and timely manner. Walt Kelly would have understood.
Dr. Herb Lin is senior research scholar for cyber policy and security at the Center for International Security and Cooperation and Hank J. Holland Fellow in Cyber Policy and Security at the Hoover Institution, both at Stanford University. His research interests relate broadly to policy-related dimensions of cybersecurity and cyberspace, and he is particularly interested in and knowledgeable about the use of offensive operations in cyberspace, especially as instruments of national policy. In addition to his positions at Stanford University, he is Chief Scientist, Emeritus for the Computer Science and Telecommunications Board, National Research Council (NRC) of the National Academies, where he served from 1990 through 2014 as study director of major projects on public policy and information technology, and Adjunct Senior Research Scholar and Senior Fellow in Cybersecurity (not in residence) at the Saltzman Institute for War and Peace Studies in the School for International and Public Affairs at Columbia University. Prior to his NRC service, he was a professional staff member and staff scientist for the House Armed Services Committee (1986-1990), where his portfolio included defense policy and arms control issues. He received his doctorate in physics from MIT.